
Current Stable Version of Sudo

The current stable version of sudo is 1.6.9p17.


Major changes from version 1.6.9p16 to 1.6.9p17:

  • The -i flag now implies resetting the environment, as it did in sudo versions prior to 1.6.9.

  • Fixed the configure test for dirfd() under Linux.

  • Fixed the configure test for whether -lintl is required.

  • Changed how sudo handles the child process when sending mail. This fixes a problem on Linux with the mail_always option.

  • Fixed a problem with line continuation characters inside of quoted strings.


Major changes from version 1.6.9p15 to 1.6.9p16:

  • There was missing whitespace before the ldap libraries in the Makefile for some configurations.

  • LDAPS_PORT may not be defined on older Solaris LDAP SDKs.

  • If the LDAP server could not be contacted and the user was not present in sudoers, a syntax error in sudoers was incorrectly reported.


Major changes from version 1.6.9p14 to 1.6.9p15:

  • Fixed the installation of sudo_noexec.so on AIX.

  • Updated libtool to version 1.5.26.

  • Fixed printing of the default SELinux role and type in -V mode.

  • The HOME environment variable is once again preserved by default, as per the documentation.


Major changes from version 1.6.9p13 to 1.6.9p14:

  • Fixed an invalid assumption in the PAM conversation function introduced in version 1.6.9p9. The conversation function may be called for non-password reading purposes as well.

  • Fixed freeing an uninitialized pointer in -l mode, introduced in version 1.6.9p13.

  • Sudo will now check /etc/sudoers after LDAP even if the user was found in LDAP. This allows Defaults options in /etc/sudoers to take effect.

  • Added a missing check for enforcing mode in the SELinux RBAC support.


Major changes from version 1.6.9p12 to 1.6.9p13:

  • Sudo will now set the nproc resource limit to unlimited on Linux systems to work around Linux's setuid() resource limit semantics. On PAM systems the resource limits will be reset by pam_limits.so before the command is executed.

  • Added SELinux support that can be used to implement role-based access control (RBAC). A role and (optional) type may be specified in sudoers or on the command line. These are then used in the security context that the command is run as.

  • Fixed a Kerberos 5 compilation problem with MIT Kerberos.


Major changes from version 1.6.9p11 to 1.6.9p12:

  • Added a configure check for the ber_set_option() function.

  • Fixed a compilation problem with the HP-UX K&R C compiler.

  • Revamped the Kerberos 5 ticket verification code.

  • Added support for the checkpeer ldap.conf variable for netscape-based LDAP SDKs.

  • Fixed a problem where an incomplete password could be echoed to the screen if there was a read timeout.


Major changes from version 1.6.9p10 to 1.6.9p11:

  • Fixed a compilation problem on SCO UNIX related to how it stores the high resolution timestamps in struct stat.

  • Avoid checking the passwd file group multiple times in the LDAP query when the user's passwd group is also listed in the supplemental group vector.

  • The URI specifier can now be used in ldap.conf even when the LDAP SDK doesn't support ldap_initialize().

  • New %p prompt escape that expands to the user whose password is being prompted, as specified by the rootpw, targetpw and runaspw sudoers flags. Based on a diff from Patrick Schoenfeld.


Major changes from version 1.6.9p9 to 1.6.9p10:

  • Moved LDAP options into a table for simplified parsing/setting.

  • Fixed a problem with how some LDAP options were being applied.

  • Added support for connecting directly to LDAP servers via SSL/TLS for servers that don't support the start_tls extension.


Major changes from version 1.6.9p8 to 1.6.9p9:

  • The ALL command in sudoers now implies SETENV permissions.

  • The command search is now performed using the target user's auxiliary group vector, not just the target's primary group.

  • When determining if the PAM prompt is the default "Password: ", compare the localized version if possible.

  • New passprompt_override option in sudoers to cause sudo's prompt to be used in all cases. Also set when the -p flag is used.


Major changes from version 1.6.9p7 to 1.6.9p8:

  • Fixed a bug where a sudoers entry with no runas user specified was treated differently from a line with the default runas user explicitly specified.


Major changes from version 1.6.9p6 to 1.6.9p7:

  • Go back to using TCSAFLUSH instead of TCSADRAIN when turning off echo during password reading.

  • Fixed a configure bug that was preventing the addition of -lutil for login.conf support on FreeBSD and NetBSD.

  • Add configure check for struct in6_addr since some systems define AF_INET6 but have no real IPv6 support.


Major changes from version 1.6.9p5 to 1.6.9p6:

  • Worked around bugs in the session support of some PAM implementations. The full tty path is now passed to PAM as well.

  • Sudo now only prints the password prompt if the process is in the foreground.

  • inttypes.h is now included when appropriate if it is present.

  • Simplified alias allocation in the parser.


Major changes from version 1.6.9p4 to 1.6.9p5:

  • Fixed a bug in the IP address matching introduced by the IPv6 merge.

  • For "visudo -f file" we now use the permissions of the original file and not the hard-coded sudoers owner/group/mode. This makes it possible to use visudo with a revision control system.

  • Fixed sudoedit when used on a non-existent file.

  • Regenerated configure using autoconf 2.6.1 and libtool 1.5.24.

  • Groups and netgroups are now valid in an LDAP sudoRunas statement.


Major changes from version 1.6.9p3 to 1.6.9p4:

  • Added IPv6 support from YOSHIFUJI Hideaki.

  • Fixed the sudo_noexec installation path.

  • Fixed a compilation error on old K&R-style compilers.


Major changes from version 1.6.9p2 to 1.6.9p3:

  • Fixed a bug related to supplemental group matching introduced in sudo 1.6.9.


Major changes from version 1.6.9p1 to 1.6.9p2:

  • Fixed updating of the saved environment when the environ pointer gets changed out from underneath us.


Major changes from version 1.6.9 to 1.6.9p1:

  • Worked around a bug in some PAM implementations that caused a crash when no tty was present.

  • Fixed a crash on some platforms in the error logging function.

  • Documentation improvements.


Major changes from version 1.6.8p12 to 1.6.9:

  • The env_reset option is enabled by default. Commands run through sudo now receive a minimal environment with certain variables passed through and/or checked. The list of variables allowed is configurable via the env_keep and env_check options in sudoers.

  • The new -E option will preserve the environment if the SETENV tag is set for the command or if the setenv sudoers option is enabled.

  • Environment variables may now be set on the command line in the form VAR=value. They are subject to the same restrictions as normal environment variables. If the SETENV tag is set for the command or if the setenv sudoers option is enabled, the user may set variables that would otherwise be forbidden.

  • Fixed a file descriptor leak when the lecture file option is enabled.

  • Expanded the list of potentially unsafe variables to remove from the environment if the env_reset option is disabled.

  • PAM is now the default on systems that support it.

  • Removed POSIX saved uid use; the stay_setuid option now requires the setreuid() or setresuid() functions to work.

  • Reworked configure with up to date autoconf and libtool.

  • PAM fixes. If the user enters ^C at the password prompt, abort instead of trying to authenticate with an empty password (which causes an annoying delay). Also call pam_open_session() and pam_close_session() to give pam_limits a chance to run.

  • Security fix for Kerberos5. If we cannot get a valid service key using the default keytab it is a fatal error. Now uses krb5_verify_user() and krb5_init_secure_context() if they are available.

  • Fixed securid5 authentication.

  • Added fcntl F_CLOSEM support to closefrom().

  • Added NOEXEC support for AIX 5.3.

  • Sudo now uses the supplemental group vector for matching. This fixes problems with split group lines in /etc/group as well as multiple group sources in nsswitch.conf.

  • Mail from sudo now includes an Auto-Submitted: auto-generated header à la RFC 3834.

  • Removed the --with-execv option; it was not useful.

  • Use TCSADRAIN instead of TCSAFLUSH in tgetpass() since some operating systems have issues with TCSAFLUSH.

  • Use glob(3) instead of fnmatch(3) for matching pathnames and stat() each result that matches the basename of the user's command. This makes "cd /usr/bin ; sudo ./blah" work when sudoers allows /usr/bin/blah.

  • Reworked the syslog long line splitting code.

  • Sudo can now deal with more than 32 network interfaces on Solaris.

  • Visudo will now honor command line arguments in the EDITOR or VISUAL environment variables if env_editor is enabled.

  • LDAP now honors rootbinddn, timelimit and bind_timelimit in /etc/ldap.conf.

  • For LDAP, do a subtree search instead of a base search (one level in the tree only) for sudo right objects. This allows system administrators to categorize the rights in a tree to make them easier to manage.

  • Added support for Solaris 10 project resource limits.

  • The sudoers2ldif script now parses Runas users.

  • The -- flag on the command line now behaves as documented.

  • sudo -k/-K no longer prints an error if the timestamp is in the future.

  • When searching for a command, sudo now uses the effective gid of the runas user.

  • Sudo no longer updates the timestamp if the user was not validated by the sudoers file.

  • Sudo now rebuilds the environment regardless of how it was invoked.
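
The environment-handling changes listed above (env_reset on by default, env_keep and env_check, the SETENV tag and setenv option, and ALL implying SETENV as of 1.6.9p9) fit together as in the following sudoers fragment. This is an added example, not taken from the sudo distribution; the user names, command paths and chosen variable names are hypothetical.

```sudoers
# Constructed example; users, paths and variable choices are hypothetical.

# env_reset is the default as of 1.6.9. Stating it explicitly documents
# intent and guards against a build or local policy that turned it off.
Defaults        env_reset

# Variables passed through to the command as-is.
Defaults        env_keep += "LANG LC_ALL"

# Variables passed through only if they pass sudo's check.
Defaults        env_check += "COLORTERM"

# alice: no SETENV tag and no setenv option, so "sudo -E" and
# "sudo VAR=value cmd" stay subject to the restrictions above.
alice   ALL = /usr/local/sbin/backup

# bob: SETENV applies to this command only. He may use -E or set
# otherwise-forbidden variables on the command line when running it.
bob     ALL = SETENV: /usr/local/sbin/deploy

# carol: as of 1.6.9p9 the ALL command implies SETENV, so this rule
# also grants control over the environment of anything she runs.
carol   ALL = (ALL) ALL

# Settings to review before enabling, since each widens what the
# invoking user controls:
#   Defaults  !env_reset   # falls back to removing known-unsafe variables
#   Defaults  setenv       # lets every permitted user preserve or set variables
```

When auditing an existing sudoers file after upgrading to this series, rules that grant ALL deserve the same scrutiny as rules carrying an explicit SETENV tag.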

For full details see the CHANGES file or view the commit logs via cvsweb.